2Q Security Roundup: Mobile Flaws Form Lasting Security Problems

Threats on mobile platforms, devices, and applications have been swelling over the past years, but this quarter they have finally gone full throttle. Cybercriminals have found more sophisticated ways to bypass mobile security, and it’s not just through malicious applications anymore.

Android Updates Lag, Users Suffer Critical Flaws

Evidence of the Android “Master Key” vulnerability mounted with the discovery that cybercriminals can exploit the flaw to update original apps with malicious ones. The multicomponent OBAD malware, on the other hand, exploits an administration flaw to run complex stealth and propagation routines.

Patching these critical vulnerabilities is proving to be a problem given the sluggish Android update process. Android’s fragmentation issue pushes security patches through slow manufacturer-developer paths before they reach users.

On top of this, the total number of malicious and high-risk Android apps continues to break records, reaching 718,000 this quarter. Users of the OS can expect cybercriminals to continue their pursuit, knowing that in just six months malware apps have increased by 350,000, a feat that once took three years to achieve.

Timeline comparison of Android and Windows malware

This quarter’s mobile events are sure to cause lasting security problems. It doesn’t help that the mobile experience involves a large human factor, from which many disastrous, insecure habits are formed.

Online Banking Malware Up, More Threats Revamped

This quarter’s online banking threat count increased by nearly a third compared to last quarter. These threats claimed most of their victims from the United States, Brazil, Australia, and France.

Many of the big threats known to the industry have returned with revamped schemes and tricks. Looking at the underground market, experts saw malware kit prices decrease over time. Some, like SpyEye, are even being bundled free if you buy other known kits. The Blackhole Exploit Kit (BHEK) uses a new FAREIT malware variant, which is known to steal File Transfer Protocol (FTP) credentials and any personal information on a target computer. Targeted campaigns, like Safe, continue to attack enterprises. The server-side applications Plesk, Ruby on Rails, and ColdFusion® had vulnerabilities exploited. Social engineering threats now target multiple-account access services, such as Digsby, and use numerous blogging platforms as fake streaming pages.